EDITOR’S QUESTION
Cloud based
artificial intelligence
Security vendors are deploying artificial intelligence solutions into the
cloud to use a wider base of analytics and improve threat detection,
writes Ross Brewer at LogRhythm.
H
ow is artificial
intelligence
making an impact
on your security
solution portfolio?
Ross Brewer, Managing Director and Vice
President, EMEA, LogRhythm.
O
rganisations face a growing
number of increasingly complex
and ever-evolving threats – and
the most dangerous threats are often the
hardest to discover. Take the insider threat
or stolen credentials, for example. We
have seen many high-profile attacks stem
from the unauthorised use of legitimate
user credentials, which can be extremely
difficult to expose.
The perimeter-based model of
yesterday is insufficient for the mammoth
task of protecting a company’s assets.
Instead, we are starting to see a shift
towards automation and the application of
cloud-based artificial intelligence, which is
fast becoming critical in the fight against
modern cyber threats.
A recent IDC report predicted that
the artificial intelligence software market
would grow at a CAGR of over 39% by
50
2021, whilst separate research from the
analyst firm stated that the future of
artificial intelligence requires the cloud as
a foundation, with enterprise cloud first
strategies becoming more prevalent over
the same period.
The cloud is, without doubt,
transforming security by enabling easy
and rapid customer adoption, saving time
and money, and providing companies with
access to a class of artificial intelligence-
enabled analytics that are not otherwise
technically practical or affordable to deploy
on-premise. Plug-and-play implementation
lets security teams focus on their mission
instead of spending valuable time
implementing and maintaining a new tool.
What is more, when deployed in the
cloud, artificial intelligence can benefit
from collective intelligence and a broader
perspective to maximise intelligence.
Imagine incorporating real-world insight
into specific threats in real time. This
will advance the ability of artificial
intelligence-powered analytics to detect
even the stealthiest or previously unknown
threats more quickly, and with greater
accuracy than ever before.
By combining a wide array of
behavioural models to characterise shifts in
how users interact with the IT environment,
cloud-based artificial intelligence
technology is helping organisations pursue
user-based threats, including signatureless
and hidden threats.
Applying cloud-based artificial
intelligence throughout the threat
lifecycle will automate and enhance
entire categories of work, as well as
enable increasingly faster and more
effective detection of real threats. Take
analytics, for example. Hackers are
constantly evolving their tactics and
techniques to evade existing protective
and defensive measures, targeting
new and existing vulnerabilities and
unleashing attack methods that have
never been seen before.
Cloud artificial intelligence is beginning
to play an important role in detecting
these emerging threats. The technology is
proactive and predictive, without the need
for security and IT personnel to configure
and tune systems, automatically learning
what is normal and evolving to register
even the most subtle changes in events and
behaviour models that suggest a breach
might be occurring.
Cloud-based artificial intelligence
essentially helps security analysts cut
through the noise and detect serious
threats earlier in their lifecycle so that
they can immediately be neutralised. It
provides rapid time-to-value through
cloud delivery and promises to eliminate
or augment a considerable number of
time-consuming manual threat detection
and response exercises. This allows
security teams to drive greater efficiency
by focusing on the higher-value activities
that require direct human touch.
Issue 16
INTELLIGENT TECH CHANNELS